The GIAC GSE: The Grandmaster of Information Security Certifications

For anyone interested in Information Security certifications, the GIAC GSE one to keep on your mental radar. It’s a SANS certification (GIAC), but the trick is that it’s not just one test, or even one set of tests.

It requires that you have three GIAC certs already: the GSEC, the GCIA, and the GCIH, and two of the three have to be gold, i.e. with an accepted paper.

But that’s not all, that just lets you take the GSE multiple choice exam, which is now proctored as with all main GIAC exams. And only if you pass that can you do the REAL test–which is an elaborate lab exam that’s something like the CCIE in the Cisco world.

Here are the various domains that are tested in the lab:

  • IDS and Traffic Analysis Domain

    • capture traffic

    • analyze traffic

    • interpret traffic

    • IDS tools

  • Incident Handling Domain

    • IH process

    • common attacks

    • malware

    • preserving evidence

  • ITSEC Domain

    • windows security

    • unix security

    • secure communications

    • protocols

    • security principles

  • Security Technologies Domain

    • firewalls

    • port and vulnerability scanners

    • sniffers and analyzers

    • common tools

  • Soft Skills Domain

    • security policy and business issues

    • information warfare and social engineering

    • writing ability

    • presentation ability

    • analysis ability

    • teamwork

All in all, a pretty good collection of skills–and when tested effectively in a lab environment it gives the GSE some significant weight.

I actually have my GSEC and GCIA already, and I am gold in GSEC. I could potentially do GCIH with a paper and be eligible to start the GSE process myself. But I really don’t know how much that would give me at this point.

I think a masters degree might be more valuable from an HR/marketing perspective, but I almost feel like I’m reaching a point in my career where HR just doesn’t matter anymore. I’m most likely to get a job at this point based on people knowing me already (directly or indirectly) and/or completely owning in interviews. I just don’t feel like I need to get a flashy cert (CISSP is all that matters anyway) to survive a resume spray-and-pray exercise anymore.

In other words, the irony of the GSE is that anyone capable of getting it doesn’t need it to get a job in security. They can already work pretty much wherever they want to. The GSE is kind of like a personal badge of badass–an accomplishment that says you’re well-rounded in the field and are capable of following through on a serious accomplishment. It’s kind of like an advanced degree in that way.

Still, it’d be a lot of fun to do it.:


Related posts: